unofficial mirror of guix-devel@gnu.org 
 help / color / mirror / code / Atom feed
* Tor hidden services
@ 2015-11-27 23:59 Ludovic Courtès
  2015-11-28  0:17 ` Thompson, David
  2015-11-28 19:37 ` Leo Famulari
  0 siblings, 2 replies; 5+ messages in thread
From: Ludovic Courtès @ 2015-11-27 23:59 UTC (permalink / raw)
  To: guix-devel

Commit adds ‘tor-hidden-service’, which can be used to specify hidden
services quite easily.

For example, to have your SSH daemon accessible over something.onion:22,
just do:

  (operating-system
    ;; …
    (services (cons* (lsh-service #:interfaces '("127.0.0.1"))
                     (tor-hidden-service "ssh" '((22 "127.0.0.1:22")))
                     (tor-service)
                     %desktop-services)))

and then you can:

  torify ssh something.onion

from anywhere.

Ludo’.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Tor hidden services
  2015-11-27 23:59 Tor hidden services Ludovic Courtès
@ 2015-11-28  0:17 ` Thompson, David
  2015-11-28 14:02   ` Ludovic Courtès
  2015-11-28 19:37 ` Leo Famulari
  1 sibling, 1 reply; 5+ messages in thread
From: Thompson, David @ 2015-11-28  0:17 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: guix-devel

On Fri, Nov 27, 2015 at 6:59 PM, Ludovic Courtès <ludo@gnu.org> wrote:
> Commit adds ‘tor-hidden-service’, which can be used to specify hidden
> services quite easily.
>
> For example, to have your SSH daemon accessible over something.onion:22,
> just do:
>
>   (operating-system
>     ;; …
>     (services (cons* (lsh-service #:interfaces '("127.0.0.1"))
>                      (tor-hidden-service "ssh" '((22 "127.0.0.1:22")))
>                      (tor-service)
>                      %desktop-services)))
>
> and then you can:
>
>   torify ssh something.onion
>
> from anywhere.

Wow, awesome!  I've never used a Tor hidden service before because I
never understood how things work, but this configuration looks so
simple that I don't have much excuse to not try it out.  Thanks!

- Dave

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Tor hidden services
  2015-11-28  0:17 ` Thompson, David
@ 2015-11-28 14:02   ` Ludovic Courtès
  0 siblings, 0 replies; 5+ messages in thread
From: Ludovic Courtès @ 2015-11-28 14:02 UTC (permalink / raw)
  To: Thompson, David; +Cc: guix-devel

"Thompson, David" <dthompson2@worcester.edu> skribis:

> On Fri, Nov 27, 2015 at 6:59 PM, Ludovic Courtès <ludo@gnu.org> wrote:
>> Commit adds ‘tor-hidden-service’, which can be used to specify hidden
>> services quite easily.
>>
>> For example, to have your SSH daemon accessible over something.onion:22,
>> just do:
>>
>>   (operating-system
>>     ;; …
>>     (services (cons* (lsh-service #:interfaces '("127.0.0.1"))
>>                      (tor-hidden-service "ssh" '((22 "127.0.0.1:22")))
>>                      (tor-service)
>>                      %desktop-services)))
>>
>> and then you can:
>>
>>   torify ssh something.onion
>>
>> from anywhere.
>
> Wow, awesome!  I've never used a Tor hidden service before because I
> never understood how things work, but this configuration looks so
> simple that I don't have much excuse to not try it out.  Thanks!

We largely owe this to Tor, which is itself very simple to configure:

  https://www.torproject.org/docs/tor-hidden-service.html.en

Pretty cool!

Ludo’.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Tor hidden services
  2015-11-27 23:59 Tor hidden services Ludovic Courtès
  2015-11-28  0:17 ` Thompson, David
@ 2015-11-28 19:37 ` Leo Famulari
  2015-11-29 10:11   ` Ludovic Courtès
  1 sibling, 1 reply; 5+ messages in thread
From: Leo Famulari @ 2015-11-28 19:37 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: guix-devel

On Sat, Nov 28, 2015 at 12:59:46AM +0100, Ludovic Courtès wrote:
> Commit adds ‘tor-hidden-service’, which can be used to specify hidden
> services quite easily.
> 
> For example, to have your SSH daemon accessible over something.onion:22,
> just do:
> 
>   (operating-system
>     ;; …
>     (services (cons* (lsh-service #:interfaces '("127.0.0.1"))
>                      (tor-hidden-service "ssh" '((22 "127.0.0.1:22")))
>                      (tor-service)
>                      %desktop-services)))
> 
> and then you can:
> 
>   torify ssh something.onion
> 
> from anywhere.

That's awesome! Thanks for making this service.

Are there any technical advantages to using lsh instead of OpenSSH, or
is the primary advantage the copyleft license?

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Tor hidden services
  2015-11-28 19:37 ` Leo Famulari
@ 2015-11-29 10:11   ` Ludovic Courtès
  0 siblings, 0 replies; 5+ messages in thread
From: Ludovic Courtès @ 2015-11-29 10:11 UTC (permalink / raw)
  To: Leo Famulari; +Cc: guix-devel

Leo Famulari <leo@famulari.name> skribis:

> Are there any technical advantages to using lsh instead of OpenSSH, or
> is the primary advantage the copyleft license?

Various things are designed differently, which you may or may not like
(for instance the SPKI-inspired ‘lsh-authorize’
vs. ~/.ssh/authorized_keys, ‘lshg’ on the client side, use of Nettle
rather than OpenSSL for crypto primitives, etc.)

I like lshd but my growing concern is that it hasn’t seen new releases
in a while and its default cipher suites need to be updated, for
instance.

Ludo’.

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2015-11-29 10:11 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-11-27 23:59 Tor hidden services Ludovic Courtès
2015-11-28  0:17 ` Thompson, David
2015-11-28 14:02   ` Ludovic Courtès
2015-11-28 19:37 ` Leo Famulari
2015-11-29 10:11   ` Ludovic Courtès

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).